Ngan's blog

AI Engineer & HPC

Technical blog by Ngan - HPC, AI/ML, AI Architecture

Latest Articles

Browse all topics →

When the Malware Calls the Cloud — A Case Study in AI-Driven Cyberattacks

Intermediate

Google's Threat Intelligence Group just published a snapshot of state-sponsored and criminal actors using LLMs across the full attack lifecycle. The most striking case is PROMPTSPY — an Android backdoor that queries Gemini at runtime to autonomously navigate your phone's UI, intercept biometric gestures, and block its own uninstall. This case study walks through how that works, plus the AI-developed zero-day 2FA bypass, agentic recon frameworks, and LLM-obfuscated malware that round out the report.

Bleeding Llama — How a Single GGUF File Can Bleed Your Ollama Server Dry

Intermediate

CVE-2026-7482 is a critical (CVSS 9.1) unauthenticated heap out-of-bounds read in Ollama's GGUF parser. An attacker uploads a crafted model, calls /api/create, and walks away with your process memory — API keys, system prompts, user conversations, the lot. Around 300,000 internet-exposed Ollama servers are vulnerable. Here's exactly how the bug works, how to check if you're affected, and what to do about it.